New Capabilities Correlate Threat Activity Across Developer Machines, Source Code Repositories, Identity Providers, and Cloud Infrastructure in One Unified Platform
WALTHAM, Mass., April 26, 2023 /PRNewswire/ — Uptycs, provider of the first unified CNAPP and XDR platform, today announced the ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure Active Directory (Azure AD) to reveal suspicious behavior as the developer moves code in and out of repositories and into production. The result is an “early warning system” that allows security teams to identify and stop threat actors before they can access crown jewel data and services in the cloud.
Uptycs customers can track and analyze malicious activity across multiple attack surfaces from a single user interface (UI), including endpoints, cloud, containers, control plane for cloud and Kubernetes, and now code repositories like GitHub and identity providers like Okta and Azure AD.
Support for identity providers gives Uptycs the ability to tie together developer activity from their logged-in accounts, from their laptops, and into the cloud. These added capabilities improve threat detection and response, especially for security analysts investigating the severity and scope of an alert for incident response.
According to Gartner ®, “The attack surface of cloud-native applications is increasing. Attackers are targeting the misconfiguration of cloud infrastructure (network, compute, storage, identities and permissions), APIs and the software supply chain itself.”1 Moreover, cybersecurity attackers frequently steal credentials from developers and engineers that have access to important backend resources.”
Unlike siloed endpoint and cloud security solutions, Uptycs protects the entire arc of cloud-native application development, from the developer’s laptop to container runtime. With Uptycs, customers can reduce risk and prioritize responses to threats, vulnerabilities, and misconfigurations, as well as meet compliance mandates—all from a single UI and data model.
“Recent high-profile data breaches, such as LastPass and CircleCI, highlight the need to detect threat actors earlier in the kill chain before they move from a developer’s laptop into crown jewel data and services. This means giving security teams the ability to track threat activity across developer machines, source code repositories, identity providers, and cloud infrastructure,” said Ganesh Pai, co-founder and CEO of Uptycs. ‘Uptycs customers don’t have to choose between shifting left or right. They can shift up for unified security visibility and control over their modern attack surface—from laptop to cloud.”
Uptycs is at RSA Conference from at booth #0335 in the RSA South Expo Hall at Moscone Center in San Francisco.
Note: The ability to collect and analyze GitHub audit logs and user identity information from Okta and Azure AD will be available to all Uptycs customers in Q2, 2023.
To learn more about Uptycs, please visit: https://www.uptycs.com
Resources
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
About Uptycs
Your developer’s laptop is just a hop away from cloud infrastructure. Attackers don’t think in silos, so why would you have siloed solutions protecting public cloud, private cloud, containers, laptops, and servers?
Uptycs reduces risk by prioritizing your responses to threats, vulnerabilities, misconfigurations, sensitive data exposure, and compliance mandates across your modern attack surface—all from a single UI and data model. This includes the ability to tie together threat activity as it traverses on-prem and cloud boundaries, thus delivering a more cohesive enterprise-wide security posture.
Looking for acronym coverage? We have that, too, including CNAPP, CWPP, CSPM, KSPM, CIEM, CDR, and XDR. Start with your Detection Cloud, Google-like search, and the attack surface coverage you need today. Be ready for what’s next.
Shift up your cybersecurity with Uptycs. Learn how at: https://www.uptycs.com/
1 Source: Gartner, Market Guide for for Cloud-Native Application Protection Platforms, Neil MacDonald, Charlie Winckless, Dale Koeppen, 14 March 2023
SOURCE Uptycs